Hardware Malware – WSWiR Episode 112

Tons of Patches, Facebook Botnets, and Infected Hand Scanners

After a couple weeks of hiatus, we’re finally back with our weekly security news summary video. If you want to learn about all the week’s important security news from one convenience resource, this is the place to get it.

This episode covers the latest popular software security updates from the last two weeks, and interesting Litecoin mining botnet that Facebook helped eradicate, and an advanced attack campaign that leverages pre-infected hardware products. Watch the video for the details, and check out the Reference’s for more information, and links to many other interesting InfoSec stories.

Enjoy your summer weekend, and stay safe!

(Episode Runtime: 7:37)

Direct YouTube Link: https://www.youtube.com/watch?v=oAHYUW1KkM0

Episode References:

• Microsoft’s July Patch Day
  • Microsoft July Patch notification – Microsoft
  • Microsoft IE alert fixes over 20 vulnerabilities – WGSC
  • Windows updates fix Journal flaw and more –  WGSC
  • Minor Service Bus issue likely only affects few –  WGSC
  • Microsoft SSL certificate security advisory – Microsoft
• Apple’s June Patches
  • Apple security updates summary page – Apple
  • Apple’s June OS X security updates – Apple
  • Apple’s June Safari security update – Apple
  • iOS 7.1.2 security update – Apple
  • Apple TV June security update – Apple
• Adobe Patch Day
  • Adobe patches Rosetta Flash – WGSC
  • Michele Spagnuolo blog post on Rosetta Flash – Miki.it
• Facebook helps thwart Lecpetex Litecoin botnet – Facebook
• Zombie Zero: Malware found in Chinese Inventory Scanners – Network World
  • TrapX report or Hand Held Scanners attack campaign – TrapX
  • Dark Reading covers Zombie Zer0 – Dark Reading

Extras:

• US arrests accused Russia CC hacker; Russia claims kidnapping – Krebs on Security
• Microsoft botnet shutdown had collateral damage on No-IP – SC Magazine
• EFF sues NSA for using 0day – Network World
• The NSA gathers far more info from general Internet users than it does targeted foreign national – The Washington Post
• HotelHippo shut down after discovery of security flaws on site – SC Magazine
• Accused UK hacker jailed for refusing to hand over his password and crypto keys – The Register
• Google Glass can steal passwords from 10ft away (hyperbole?) – We Live Security
• DoHS accuses Chinese attackers of hacking records from Office of Personnel Management – NY Times
  • Kerry says Chinese hackers didn’t get any sensitive info – NBC News
• New PoS botnet surfaced on the underground in May – The Register
  • PoS Botnet leverages RDP – SC Magazine
• Google patched a Drive file leaking vulnerability – Naked Security
• Flaw in smart bulbs could leak Wifi passwords – Ars Technica
• Google blocks a lot of unauthorized digital certificates from India – Google
• Dragonfly ICS malware affects global energy companies – IT Portal
  • Older F-Secure story – The Register
  • Gizmodo also covers this story – Gizmodo
• Latest iOS jailbreak supports iOS 7.1.2 – CNET
• Hijack Hunter; a comparable tool to HijackThis – Ghacks
• Cloud Remote Access and common password allowed attacker in – Computer World
• Cisco Unified Communications have hard coded SSH key (backdoor) – The Register
  • Patch for Cisco UC backdoor – Cisco
• MiniDuke authors seem to target drug dealers – The Guardian
• CosmicDuke targets drug dealers and military contractors – Techweek
• Dailymotion hijacked to serve Drive-by Download… again! – Network World
• Zeus will never die (re-emerges after a takedown) – Ars Technica
• Tinba malware source code leak – CSIS
  • Tinba malware analysis – Trend Micro

— Corey Nachreiner, CISSP (@SecAdept)

Share This: